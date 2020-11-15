(AGENPARL) – WORLD WIDE, dom 15 novembre 2020
Cryptology ePrint Archive: Report 2020/1436
Removable Weak Keys for Discrete Logarithm Based Cryptography
Michael John Jacobson Jr. and Prabhat Kushwaha
Abstract: We describe a novel type of weak cryptographic private key that can exist in any discrete logarithm based
public-key cryptosystem set in a group of prime order $p$ where $p-1$ has small divisors.
Unlike the weak private keys based on numerical size (such as smaller private keys, or private keys lying in an interval) that will always exist in any DLP cryptosystems, our type of weak private keys occurs purely due to parameter choice of $p$, and hence, can be removed with appropriate value of $p$.
Using the theory of implicit group representations, we present algorithms that can determine whether a key
is weak, and if so, recover the private key from the corresponding public key.
We analyze several elliptic curves proposed in the literature and in various standards, giving counts
of the number of keys that can be broken with relatively small amounts of computation. Our results show
that many of these curves, including some from standards, have a considerable number of such weak private keys.
We also use our methods to show that none of the 14 outstanding Certicom Challenge problem instances are
weak in our sense, up to a certain weakness bound.
Category / Keywords: public-key cryptography / public-key cryptography, elliptic curve cryptosystem, cryptographic protocols
Date: received 15 Nov 2020
Contact author: prabkush at gmail com
